Definition

SSRF (Server-Side Request Forgery)

A vulnerability where an attacker causes a server to make requests to unintended internal or external resources. In the context of MCP servers, SSRF can allow an attacker to use the MCP server as a proxy to reach internal APIs, cloud metadata endpoints (such as AWS instance metadata at 169.254.169.254), or other services that are otherwise unreachable from the public internet. BlueRock Security found 36.7% of audited MCP servers vulnerable to SSRF.
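One way a URL-fetching MCP server tool can vet a destination before connecting, as an added example (not code from this page or from any audited server). The function names, sample hostnames and DNS answers are constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Constructed DNS answers (hypothetical hostnames) so the example runs offline.
SAMPLE_DNS = {
    "docs.example.com": ["93.184.216.34"],
    "alias.example.net": ["169.254.169.254"],            # public name, metadata IP
    "mixed.example.net": ["93.184.216.34", "10.0.0.5"],  # one internal answer
}

def sample_resolver(host, port):
    """Stand-in resolver for the demo: IP literals pass through, names use SAMPLE_DNS."""
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        if host not in SAMPLE_DNS:
            raise OSError("unknown host")
        return SAMPLE_DNS[host]

def system_resolver(host, port):
    """Real resolver for production use."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]

def is_public(addr_text):
    ip = ipaddress.ip_address(addr_text.split("%")[0])  # drop IPv6 zone id
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:169.254.169.254 must not slip through
    return ip.is_global  # False for loopback, private, link-local, reserved

def check_destination(url, resolver=system_resolver):
    """Return (allowed, reason, addresses). Connect only to the returned
    addresses and re-run the check on every redirect target; resolving the
    name again at connect time would let the answer change after the check."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", []
    try:
        host, port = parts.hostname, parts.port or (443 if parts.scheme == "https" else 80)
        addrs = resolver(host, port) if host else []
    except (ValueError, OSError):
        return False, "bad port or resolution failed", []
    blocked = [a for a in addrs if not is_public(a)]
    if not addrs or blocked:
        return False, f"non-public or missing address: {blocked[:1]}", []
    return True, "ok", addrs
```

The check rejects a hostname if any of its answers is non-public, so a name that mixes public and internal records is refused rather than left to chance.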

Deep dive

Basic knowledge

What is MCP server security?

MCP servers extend what AI agents can do. That is also what makes them a security boundary. Understanding the threat surface is essential before you connect one to a model with real capabilities.
